New Update Android Security Update for September 2024 Patches Exploited Vulnerability

[silversurfer]

Google on Tuesday announced a fresh set of Android security updates that address 35 vulnerabilities, including a local privilege escalation bug exploited in attacks.

The exploited flaw, tracked as CVE-2024-32896 (CVSS score of 7.8), is a high-severity issue affecting Android’s Framework component. A logic error in the code could lead to protection bypass, allowing a local attacker to elevate privileges.

“The most severe of these issues is a high security vulnerability in the Framework component that could lead to local escalation of privilege with no additional execution privileges needed,” Google notes in the September 2024 Android security bulletin.

Source: Android's September 2024 Update Patches Exploited Vulnerability - SecurityWeek